Analysis
- max time kernel: 25s
- max time network: 46s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 01/12/2022, 04:25
Static task: static1
Behavioral task: behavioral1
- Sample: 62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe
- Resource: win10v2004-20220812-en
General
- Target: 62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe
- Size: 320KB
- MD5: 17cb2ee2905dc78ee66471ea18cba4c0
- SHA1: f36b39552d37b22dbd79840c3c4d795fe2124244
- SHA256: 62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a
- SHA512: 94e3a90e5bcef2be41f4e0b07ddcdf6dd34b922a538d1040d1938a7bee35f9d3aeb1783224a725d6383b7c89253b863c320e1c2a5d88155be020fcced282666f
- SSDEEP: 6144:dCE06UWVEudvlEvS7/jUq6JkZWspn7SMWJyJz4vz2trz:dCLurwS7776JkV7SMWJk4vze
Malware Config
Signatures
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid   Process
  1676  62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe
  1676  62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe